GDPR: Why you should keep applications up to date…

There are just 4 weeks until GDPR becomes law. The regulation puts an increased focus on an organisation to be secure and that they handle their customer’s data responsibly. We look at why it’s important to keep applications up to date…

We’ve seen in the news this week that TSB Bank have had a major problem with their online banking facility with customers having access to other people’s account details and money. They are now facing a potential fine for the data breach. The maximum penalty currently permitted under the Data Protection act is £500,000. However, after 25th May when the General Data Protection Regulation comes into force, the penalties for a data breach will either be €20m (£17m) or 4 per cent of global annual revenue, whichever is highest.

Unfortunately, we often see compromised accounts hosted on our servers. Whilst we have active monitoring in place to spot known malware, an attacker may already have gained access to your database and in turn any data stored within it before our tech team have been able to disable the infected site. If a personal data breach occurs the onus is on the account holder to contact the ICO within 72 hours unless “the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons”

We will always keep our hardware and software up to date with the latest security patches but we cannot, and will not, be held responsible should a breach occur due to a user having out of date installs on the hosting space we have provided. The damage to a business that a data breach can bring – either to it’s reputation or by large fines, can be devastating. It is now more important than ever to bring your WordPress, Drupal, Magento installs up to date and to implement the latest security patches to avoid leaving yourself open to attack.